Docs

Documentation

Enclave is a control plane for running untrusted, agent-generated workloads inside isolated, credential-scoped, ephemeral sessions. Start with the architecture, learn the core concepts, then dive into the page for any package — each one documents its interfaces, key functions, and data contracts against the real source.

Phase 1

This documents Phase 1, which runs untrusted code. Phase 2 reuses the same core to run a computer-use loop (a model driving a headless browser).

Getting started

Clone it, run the demo.

Everything runs on a laptop against the in-process simulator backend — no Kubernetes, no Docker. The demo proves containment end to end in one command.

Architecture →REST API →

terminalbash

# clone + install
pnpm install

# the whole containment story in one command:
pnpm demo        # 4 hostile workloads contained + 1 clean run returns its result

# boot the full local stack (no Kubernetes, no Docker) + smoke + hot-reload:
pnpm adl:cloud

Concepts & reference

The ideas behind a run

A handful of concepts describe every session. Each links to a focused page.

Start here

A page per package

Enclave is a pnpm/TypeScript monorepo. Data flows one way: every package depends on shared for the wire format; the control plane is the hub everything else talks to.

Package

Documentation

Clone it, run the demo.

The ideas behind a run

Architecture→

Session lifecycle→

Containment model→

Data contracts→

REST API→

Changelog→

A page per package

shared→

control-plane→

sdk→

mcp→

console→

runner→

deploy→